Lucene search
K

42 matches found

Cvelist
Cvelist
added 2019/11/08 7:7 p.m.19 views

CVE-2019-13539 Medtronic Valleylab FT10 and FX8 Reversible One-way Hash

Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform VLFT10GEN software version 4.0.0 and below, and Valleylab FX8 Energy Platform VLFX8GEN software version 1.1.0 and below use the descrypt algorithm for OS password hashing. While interactive, network-based...

7CVSS7.8AI score0.00268EPSS
Exploits0References2
CVE
CVE
added 2019/11/08 7:7 p.m.129 views

CVE-2019-13539

CVE-2019-13539 affects Medtronic Valleylab FT10 and FX8 platforms (Exchange Client v3.4 and below; FT10 v4.0.0 and below; FX8 v1.1.0 and below) due to the use of the descrypt OS password hashing (CWE-328). The issue enables an attacker who can access the device to obtain local shell access and re...

7.8CVSS7.7AI score0.00268EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2019/07/24 12:15 p.m.2 views

CVE-2019-1010163

Socusoft Co Photo 2 Video Converter 8.0.0 is affected by: Buffer Overflow - Local shell-code execution and Denial of Service. The impact is: Local privilege escalation dependant upon conditions, shell code execution and denial-of-service. The component is: pdmlog.dll library. The attack vector is...

7.8CVSS7.5AI score
Exploits0References3
Prion
Prion
added 2019/07/24 12:15 p.m.21 views

Buffer overflow

Socusoft Co Photo 2 Video Converter 8.0.0 is affected by: Buffer Overflow - Local shell-code execution and Denial of Service. The impact is: Local privilege escalation dependant upon conditions, shell code execution and denial-of-service. The component is: pdmlog.dll library. The attack vector is...

7.2CVSS8.1AI score0.00713EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2019/07/24 11:42 a.m.26 views

CVE-2019-1010163

Socusoft Co Photo 2 Video Converter 8.0.0 is affected by: Buffer Overflow - Local shell-code execution and Denial of Service. The impact is: Local privilege escalation dependant upon conditions, shell code execution and denial-of-service. The component is: pdmlog.dll library. The attack vector is...

8.1AI score0.00713EPSS
Exploits1References3
CNVD
CNVD
added 2019/07/04 12:0 a.m.5 views

Cisco Enterprise NFV Infrastructure Software Command Injection Vulnerability

Cisco Enterprise NFV Infrastructure Software is a lightweight virtualization platform that integrates complete VM lifecycle management, monitoring, device programmability, and service chaining in one installable package. A command injection vulnerability exists in Cisco Enterprise NFV...

7.8CVSS7.8AI score0.00634EPSS
Exploits0References1
Cisco
Cisco
added 2019/07/03 4:0 p.m.119 views

Cisco Enterprise NFV Infrastructure Software Command Injection Vulnerability

A vulnerability in Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system OS of an affected device as root. The vulnerability is due to insufficient input validation of a configuration file...

7.8CVSS2.3AI score0.00634EPSS
Exploits0References1
OSV
OSV
added 2018/07/24 1:29 p.m.5 views

CVE-2018-10905

CloudForms Management Engine cfme is vulnerable to an improper security setting in the dRuby component of CloudForms. An attacker with access to an unprivileged local shell could use this flaw to execute commands as a high privileged user...

7.8CVSS5.9AI score0.00474EPSS
Exploits0References3
Prion
Prion
added 2018/07/24 1:29 p.m.27 views

Design/Logic Flaw

CloudForms Management Engine cfme is vulnerable to an improper security setting in the dRuby component of CloudForms. An attacker with access to an unprivileged local shell could use this flaw to execute commands as a high privileged user...

7.2CVSS7.5AI score0.00474EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2018/07/24 1:0 p.m.56 views

CVE-2018-10905

CloudForms Management Engine cfme is vulnerable to an improper security setting in the dRuby component of CloudForms. An attacker with access to an unprivileged local shell could use this flaw to execute commands as a high privileged user...

7.8CVSS7.4AI score0.00474EPSS
Exploits0References3
Palo Alto Networks
Palo Alto Networks
added 2016/11/17 5:0 p.m.12 views

Local Privilege Escalation

Palo Alto Networks firewalls do not properly validate certain environment variables which can potentially allow executing code with higher privileges Ref PAN-61104/100499/CVE-2016-9151 A potential attacker with local shell access could manipulate arbitrary environment variables which could result...

7.8CVSS7.7AI score0.01207EPSS
Exploits2References1
OSV
OSV
added 2016/06/23 12:59 a.m.4 views

CVE-2016-1435

Cisco 8800 phones with software 11.01 do not properly enforce mounted-filesystem permissions, which allows local users to write to arbitrary files by leveraging shell access, aka Bug ID CSCuz03014...

7CVSS5.9AI score0.00272EPSS
Exploits0References2
Cisco
Cisco
added 2015/12/09 12:0 a.m.30 views

Multiple Cisco IP Phones Firmware Image Upload Vulnerability

A vulnerability in the TFTP implementation of the Cisco Small Business SPA30X and SPA50X IP Phones could allow an unauthenticated, local attacker to load arbitrary firmware images onto the affected device. The vulnerability is due to insufficient file integrity checks of the firmware image. An...

4.9CVSS6.5AI score0.0038EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2015/08/07 12:0 a.m.76 views

SOL17049 - PHP vulnerability CVE-2015-4598

Important: Although the software of the affected F5 products contains the vulnerable code, the affected F5 products do not use the vulnerable code in a way that exposes the vulnerability in a standard configuration. An attacker must have local shell access to the affected F5 products, to trigger ...

7.5CVSS1AI score0.03917EPSS
Exploits0References7
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.29 views

Webiz 2004 - Local Shell Upload Vulnerability

No description provided by source. Exploit Title: Webiz local SHELL Upload Vulnerability Date: 23-05-2010 Author: kannibal615 Software Link: N/A Version: 2004 Tested on: PHP CVE : N/A Code : @@ @@ @@@@@@ @@ @@ @@@@ @@@@@@@ @@ @@ @@@@@@@ @@@@@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@@...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2010/10/15 12:0 a.m.14 views

Data/File upload and management Arbitrary File Upload Vulnerability

No description provided by source. : Exploit Title: Data/File upload and management local shell upload : : Date: 14/10/2010 : : Author: saudi0hacker : : Software Link: http://resellscripts.info/index.php?route=product/product&productid=137 : : Version: All version : : Tested on: linux b0x : :...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.16 views

Debian Security Advisory DSA 197-1 (courier)

The remote host is missing an update to courier announced via advisory DSA 197-1. OpenVAS Vulnerability Test $Id: deb1971.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 197-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

4.6CVSS0.5AI score0.0034EPSS
Exploits0
Exploit DB
Exploit DB
added 2005/09/13 12:0 a.m.29 views

VisualBoyAdvanced 1.7.x - Non SUID Local Shell

/ VisualBoyAdvanced 1.7.x BufferOver Flow exploit VBA - WEBSITE : vba.ngemu.com Found & coded by Qnix - Qnixatbsdmaildotorg / include char shellcode = "\x31\xc0\x31\xdb\xb0\x17\xcd\x80" / setuid / "\xeb\x5a\x5e\x31\xc0\x88\x46\x07\x31\xc0\x31\xdb\xb0\x27\xcd"...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2005/09/13 12:0 a.m.17 views

VisualBoyAdvanced 1.7.x - Non SUID Local Shell

VisualBoyAdvanced 1.7.x - Non SUID Local Shell / VisualBoyAdvanced 1.7.x BufferOver Flow exploit VBA - WEBSITE : vba.ngemu.com Found & coded by Qnix - Qnixatbsdmaildotorg / include char shellcode = "\x31\xc0\x31\xdb\xb0\x17\xcd\x80" / setuid /...

Exploits0
Debian
Debian
added 2002/11/15 3:36 p.m.6 views

[SECURITY] [DSA 197-1] New sqwebmail packages fix local information exposure

-------------------------------------------------------------------------- Debian Security Advisory DSA 197-1 [email protected] http://www.debian.org/security/ Martin Schulze November 15th, 2002 http://www.debian.org/security/faq -...

0.3AI score
Exploits0
Rows per page
Query Builder